Australia locks down ports after ‘nationally significant’ cyberattack

File: The Portland Bay cargo ship is towed safely into Port Botany, Sydney, New South Wales (EPA)
File: The Portland Bay cargo ship is towed safely into Port Botany, Sydney, New South Wales (EPA)

Australia says it is responding to an ongoing cyberattack targeting major ports, prompting operator DP World to temporarily restrict access to the network on Saturday.

The operator shut down four ports at Sydney, Melbourne, Brisbane, and Fremantle after detecting a cybersecurity incident late on Friday night. DP World is responsible for 40 per cent of Australia’s maritime freight.

Home minister Clare O’Neil said the Australian government was aware of the developing situation.

“The government is coordinating the government response to this incident, with the National Coordination Mechanism to meet shortly,” the minister said.

DP World Australia said it had “restricted landside access to our Australian port operations” during the ongoing investigation.

“Our teams are working diligently to contain the situation and determine the impact on our systems and data,” it said in a statement to the Australian Financial Review.

“This is part of a comprehensive response which includes engaging with cybersecurity experts, actively investigating the incident and notifying the relevant authorities.”

The restrictions imposed by DP World meant ships were unable to unload freight and freight was also barred from leaving the port site.

Federal cybersecurity coordinator Air Marshal Darren Goldie said the government was dealing with a “nationally significant incident impacting a number of maritime port facilities”.

He said he had co-chaired a meeting with the National Emergency Management Agency to consider and address impacts arising from the incident.

Mr Goldie said the interruption was likely to continue "for a number of days", impacting the movement of goods into and out of the country.

“Our priority is to assist DP World Australia to resolve the incident, so they are in a position to restore access to the ports they operate across the country,” he said.

The Australian Federal Police have opened an investigation into the cyberattack, he added.

The cybersecurity incident follows a cyberattack at Melbourne’s cryptocurrency exchange Coinspot, which saw more than $2m taken away from accounts.

In September, a data breach caused the information of nearly 200,000 Pizza Hut customers to be leaked.